Connection of company networks to the Internet has resulted in a requirement for increased network security. This has resulted in some software systems, i.e., Financial Software Systems, requiring security information as part of their operation. Security information includes such information as encryption/decryption keys for encrypted databases, administrator passwords to access external resources such as a directory server, etc. Security information is typically stored in a configuration file that is accessible by the software systems.
While security information is used to ensure the security of particular software systems and the data they use, security information itself is typically not secure. Security information typically stored in a configuration file is in “clear text”, i.e., text in ASCII format. However, some software systems include devices to safeguard security information, such as storing security information in encrypted form. While this protects the security information when it is not being used, storing the information in encrypted form does not protect the security information when it is accessed. When security information is accessed by a particular software system, the security information must first be decrypted prior to being used. During this time, the security information is in clear text and thus is exposed.
To protect security information, software system operators typically use Hardware Security Modules (HSM). HSM physically protect security information by providing tamper-resistant security information storage. Additionally, HSM perform functions such as security information generation, security information backup, security information management, etc. Security information inside an HSM is typically accessed by a proprietary software interface.
FIG. 1 illustrates a typical network system using HSM. The network system has a security server (10) that contains root security information. The root security information allows a user with that information to access any resource on the network. Security information used by the security server is stored on an HSM (12). Additionally, the security server (10) runs the HSM interface that allows the security server to control all HMS (12) on the network. The network system may also have an application server (14) and a directory server (16). The application server (14) typically runs the business logic for a server-based application. The directory server typically runs a directory service. One task performed by the directory service is enabling a user to locate hosts and services on a network. The application server (14) and the directory server (16) also both store security information in HSM (12). Finally, the network system contains a web server (18).
The web server (18) typically runs server software that uses HyperText Transfer Protocol (HTTP) to serve up HyperText Mark-up Language (HTML) documents and any associated files and scripts when requested by a client, such as a Web browser (20). The web server (18) stores security information in an HSM (12).
When a web browser (20) is running a web application via a web server (18) and an application server (14), there may be a request to access sensitive data such as financial data located on the application server (14). The application server (14) on behalf of the web browser (20) requests some security information from the HSM (12). The security information on the HSM (12) is then accessed via the HSM Interface (11).